hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
c3a853d2cf868f00cda8fae6ec2ed2a3a2709782
websafe-kb/08-threat-intel/registry/advisories/discourse--0a6de28d35.json

146 行
13 KiB
JSON
原始文件 Blame 文件历史

{
"canonical_id": "discourse--0a6de28d35",
"system_id": "discourse",
"display_name": "Discourse",
"category": "cms",
"advisory_mode": "core",
"title": "3.5.0.beta7: Smart link editing, better invite tracking, unique icons, and fixing name management",
"summary": "<h2><a name=\"p-1796136-new-features-in-350beta7-1\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-new-features-in-350beta7-1\" aria-label=\"Heading link\"></a>New features in 3.5.0.beta7</h2>\n<h3><a name=\"p-1796136-smart-link-editing-in-the-composer-2\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-smart-link-editing-in-the-composer-2\" aria-label=\"Heading link\"></a>Smart link editing in the composer</h3>\n<p>As part of the ongoing development of the new composer, we have added a floating toolbar to inline links, making them easier to view, edit, and manage. The toolbar allows you to open the link in a new tab, as well as remove or copy it, and edit its text and destination. The new composer, that includes this link toolbar, is still in development. You can enable it on your site and help us test it by following <a href=\"https://meta.discourse.org/t/test-our-new-composer/352347\">this guide</a>.</p>\n<p><img src=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/4/7/0/47094c932a82733ea4767f3ecc59702bb51ad290.gif\" alt=\"link-showcase\" data-base62-sha1=\"a8pP4d0PR3ssekOArnyGY4K5Y9W\" width=\"558\" height=\"500\" class=\"animated\"></p>\n<h3><a name=\"p-1796136-track-individual-invites-with-custom-descriptions-3\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-track-individual-invites-with-custom-descriptions-3\" aria-label=\"Heading link\"></a>Track individual invites with custom descriptions</h3>\n<p>Invites can now have a custom description added, making them easier to identify. This helps keep your invites page more ordered, and allows you to track the performance of individual links. You can label invites based on the platform where you share them, who you share them with, what event you shared them at, or any other criteria you like.</p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/b/a/4/ba41dbe702e0904fe9dc1231b6e3382add658eb3.png\" data-download-href=\"/uploads/short-url/qzHUwKMFuQ9nfhJyNh5ySbW15Zx.png?dl=1\" title=\"CleanShot 2025-06-23 at 16.44.13@2x\" rel=\"noopener nofollow ugc\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/a/4/ba41dbe702e0904fe9dc1231b6e3382add658eb3_2_690x87.png\" alt=\"CleanShot 2025-06-23 at 16.44.13@2x\" data-base62-sha1=\"qzHUwKMFuQ9nfhJyNh5ySbW15Zx\" width=\"690\" height=\"87\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/a/4/ba41dbe702e0904fe9dc1231b6e3382add658eb3_2_690x87.png, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/a/4/ba41dbe702e0904fe9dc1231b6e3382add658eb3_2_1035x130.png 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/a/4/ba41dbe702e0904fe9dc1231b6e3382add658eb3_2_1380x174.png 2x\" data-dominant-color=\"9E9D9D\"></a></div><p></p>\n<h3><a name=\"p-1796136-unique-user-preference-icons-4\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-unique-user-preference-icons-4\" aria-label=\"Heading link\"></a>Unique user preference icons</h3>\n<p>The icons on the tabs for user preferences have been improved, so each tab now has a different icon. Going forward, instead of seeing the same icon on multiple tabs, each one will have a relevant and unique icon, making navigation easier for all users.</p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/6/2/d/62d24d74e8995d989e40661de09504ac439b84d0.png\" data-download-href=\"/uploads/short-url/e6dmwpQ5fK1xkVsXEe2MZZ9euYg.png?dl=1\" title=\"Backdrop 3\" rel=\"noopener nofollow ugc\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/6/2/d/62d24d74e8995d989e40661de09504ac439b84d0_2_690x306.png\" alt=\"Backdrop 3\" data-base62-sha1=\"e6dmwpQ5fK1xkVsXEe2MZZ9euYg\" width=\"690\" height=\"306\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/6/2/d/62d24d74e8995d989e40661de09504ac439b84d0_2_690x306.png, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/6/2/d/62d24d74e8995d989e40661de09504ac439b84d0_2_1035x459.png 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/6/2/d/62d24d74e8995d989e40661de09504ac439b84d0_2_1380x612.png 2x\" data-dominant-color=\"ECF5F8\"></a></div><p></p>\n<h3><a name=\"p-1796136-admin-name-editing-when-full-names-are-not-enabled-5\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-admin-name-editing-when-full-names-are-not-enabled-5\" aria-label=\"Heading link\"></a>Admin name editing when full names are not enabled</h3>\n<p>We recently took some time to work on a bug that affects how admins can manage the full names of their users when the <code>enable names</code> setting is disabled. This was <a href=\"https://meta.discourse.org/t/disabling-enable-names-makes-admin-act-strange/291912\">reported and discussed</a>, before a fix was implemented with the result that now admins can see and edit their user\u2019s full names, even if they are hidden on the rest of the site. This functionality is frequently required for tracking and compliance, with this fix allowing more effective administration of their sites.</p>\n<h2><a name=\"p-1796136-security-updates-6\" class=\"anchor\" href=\"https://meta.discourse.org#p-1796136-security-updates-6\" aria-label=\"Heading link\"></a>Security Updates</h2>\n<p>This release includes fixes for these security issues reported by our community and <a href=\"https://hackerone.com/discourse\" rel=\"noopener nofollow ugc\">HackerOne</a>.</p>\n<ul>\n<li><a href=\"https://github.com/discourse/discourse/security/advisories/GHSA-26p5-mjjh-wfcf\" class=\"inline-onebox\" rel=\"noopener nofollow ugc\">XSS via user-provided query parameter in oauth failure flow \u00b7 Advisory \u00b7 discourse/discourse \u00b7 GitHub</a></li>\n<li><a href=\"https://github.com/discourse/discourse/security/advisories/GHSA-79qw-r73r-69gf\" class=\"inline-onebox\" rel=\"noopener nofollow ugc\">Users are able to see their own whispers even after being removed from a group that has been configured to see whispers \u00b7 Advisory \u00b7 discourse/discourse \u00b7 GitHub</a></li>\n</ul>\n <p><small>2 posts - 2 participants</small></p>\n <p><a href=\"https://meta.discourse.org/t/3-5-0-beta7-smart-link-editing-better-invite-tracking-unique-icons-and-fixing-name-management/370633\">Read full topic</a></p>",
"published_at": "Wed, 25 Jun 2025 03:38:45 +0000",
"updated_at": "Wed, 25 Jun 2025 03:38:45 +0000",
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://meta.discourse.org/t/3-5-0-beta7-smart-link-editing-better-invite-tracking-unique-icons-and-fixing-name-management/370633",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"xss-output-encoding",
"plugin-extension-trust-policy",
"file-upload-validation",
"dependency-upgrade-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"entity_refs": [
{
"entity_id": "discourse",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "discourse",
"official": true
}
],
"affected_components": [
{
"name": "Discourse",
"entity_id": "discourse",
"scope": "core",
"package_name": null,
"official": true
}
],
"affected_version_ranges": [],
"fixed_version_ranges": [],
"introduced_version": null,
"patched_version": null,
"version_evidence_sources": [
"https://meta.discourse.org/t/3-5-0-beta7-smart-link-editing-better-invite-tracking-unique-icons-and-fixing-name-management/370633"
],
"advisory_scope": "core",
"version_confidence": "low",
"version_gap_reason": "official bulletin or aggregated source did not expose explicit affected/fixed versions",
"version_resolution_needed": true,
"workflow": {
"workflow_id": "discourse--0a6de28d35--workflow",
"vuln_family": "xss",
"entry_surface": "web-ui-render-path",
"preconditions": [
"\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: \u9700\u8981\u4ece\u516c\u544a\u3001\u9501\u6587\u4ef6\u3001\u7248\u672c\u9875\u6216\u5173\u4e8e\u9875\u9762\u4eba\u5de5\u786e\u8ba4\u7248\u672c\u547d\u4e2d",
"\u82e5\u5bf9\u8c61\u5c5e\u4e8e `core`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
],
"required_role": "editor-or-admin",
"affected_version_assertion": [
"\u9700\u8981\u4ece\u516c\u544a\u3001\u9501\u6587\u4ef6\u3001\u7248\u672c\u9875\u6216\u5173\u4e8e\u9875\u9762\u4eba\u5de5\u786e\u8ba4\u7248\u672c\u547d\u4e2d"
],
"trigger_vector": "\u5bf9 `xss` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"request_or_ui_path": [
"/admin/editor",
"/preview",
"/rendered-content"
],
"input_shape": "\u53d7\u63a7 HTML/Markdown/\u5bcc\u6587\u672c\u8f93\u5165\uff0c\u89c2\u5bdf\u6e32\u67d3\u4e0a\u4e0b\u6587\u662f\u5426\u5931\u53bb\u7f16\u7801\u6216\u51c0\u5316\u3002",
"expected_unsafe_behavior": "\u8f93\u5165\u5728\u76ee\u6807\u4e0a\u4e0b\u6587\u6267\u884c\u6216\u88ab\u6d4f\u89c8\u5668\u89e3\u91ca\u4e3a\u4e3b\u52a8\u5185\u5bb9\u3002",
"server_evidence_points": [
"\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
"\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
],
"browser_evidence_points": [
"\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
"console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
],
"db_or_fs_evidence_points": [
"\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
"\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
],
"detection_signals": [
"WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
"\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
],
"mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
"patch_validation_steps": [
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `\u53d7\u5f71\u54cd\u7248\u672c\u533a\u95f4` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `\u4fee\u590d\u7248\u672c`\u3002",
"\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
"\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
"\u8865\u5145 `xss` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
],
"lab_safety_notes": [
"\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
"\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
"\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
],
"review_state": "needs-version-gap-review"
},
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"historical_status": null,
"latest_status": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Discourse Release Notes RSS"
],
"source_kinds": [
"rss-feed"
],
"candidate_count": 1,
"entity_ref_count": 1,
"advisory_scope": "core",
"version_confidence": "low",
"workflow_id": "discourse--0a6de28d35--workflow"
}
}
在新工单中引用 查看 Git Blame 复制永久链接